55 comments

[ 2.9 ms ] story [ 120 ms ] thread
Exiting to see more linux options including system76, framework, etc. I'm still really salty about the XPS13 not having proper sleep [1] and looking for other options.

[1] - https://www.dell.com/community/XPS/XPS-13-9310-Ubuntu-deep-s...

How does it differ from the sleep/hibernate I'm currently using in Ubuntu?

My XPS 13 has hardly ever been off since I bought it (2018 model), I enabled sleep/hibernate with a tweak, and it'll last weeks just sitting there "sleeping" if I don't use it.

I'd be interested in seeing an analysis of the hardware, firmware and driver security on this thing. From what I can ascertain the security implementation on some of their phones is horrifying. It brings a different dimension to the reviewer's comment they are a 'known brand among enthusiasts especially in the fields of privacy and information security'.

https://news.ycombinator.com/item?id=30761886

> From what I can ascertain the security implementation on some of their phones is horrifying.

Their phones run desktop GNU/Linux. Their security is then the same. It's probably not enough for a phone, if you run a lot of untrusted apps, but it's a start. Also, the app store only consists of FLOSS apps.

See also: https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque....

The parent is referring to the replacement firmware not the OS and above. This is different from running the same FOSS software on other more closed hardware.

It's a valid concern: On the one hand Purism is gradually achieving their intermediate ideal of providing machines with open firmware for all the hardware; On the other hand, if the real life security of that open firmware is poor, it undermines their underlying principle of privacy - To complicate matters it may not be technically worse than the proprietary blobs it replaced, but it's open for all to see.

In other words, to achieve real world privacy, it's not enough for the firmware to be open, it must also be secure.

An analysis of those things would be very interesting. At a basic level, I appreciate the neutered ME and the killswitches, which already put the laptop at the front of the pack.
Only security thing they point out is USB access for the modem, and you can fix that quite easily with a bunch of udev rules, I guess. Disable device auto-probing on the USB port the modem is connected to, and bind the proper modem/ACM driver to the device manually via udev rule. Then there will be no exposure to "all Linux USB drivers" and you'll avoid modem exposing itself as a keyboard and typing things into your console, or whatever.

It's the same thing you should be doing on the desktop if you fear untrusted USB devices.

Or just use Qubes OS with a dedicated VM for usb devices: https://qubes-os.org.
That will still allow execution of kernel code you may not want executed (even though in a VM), and is thus strictly worse. Especially for the modem, which you need to run and interact with all the time on a phone, this sounds like overkill.
Not sure I understand your comment. Of course kernel code is executed in the guest VM…what’s the problem with that? An adversary would have to break Xen security controls to gain access to your other domains.
VM has to have some communication bridge to the host, for all the features of the modem. That's still quite a lot of attack surface, once guest VM is compromised.

It's better to not expose the needless attack surface rather than just attempting to isolate the attack into a leaky VM.

My understanding is that the paravirtualization provided by Xen is an effective control. The guest shouldn’t have direct access to the hardware device io right?

What is the alternative? If you don’t use a VM you have to expose dom0 directly to device io.

EDIT: ah I see we’re talking about a Linux phone! I agree with your point I’m not sure mobile devices have the resources to isolate every component into a VM. Overkill indeed!

Mobile devices could, if the SOC allowed every device to be isolated with an IOMMU. Apple does this, Nvidia too (though some SoCs are broken) and I think Qualcomm might as well. A lot of the other ARM SoCs seem to have just one or maybe two domains (GPU and everything else), and a non standard IOMMU for even that too.

I’ve looked a few times for an ARM SBC with a nice architecture to play with this stuff, Nvidia seemed to be the only option but they are also unobtanium right now.

>Only security thing they point out is USB access for the modem..

And the pointless supply chain vulnerability, introduced in order to game the FSF certification process, and lying about security features in their competitors, and accusing them of using binary blobs which they actually do as well while doing so with a worse security implementation.

>you can fix that quite easily with a bunch of udev rules, I guess

Exactly, why didn't they? I would understand if some of those were just teething troubles but that phone came out well over a year ago and bear in mind this analysis and criticism comes from within the OSS community trying to help them get this fixed, and hitting a brick wall.

I completely agree with that comment you linked, Purism is either deliberately selling snake oil or are completely clueless.

Here's another example of this with them bashing Android/iOS security:

> One of the problems with the security measures implemented in Android and iOS is that they restrict the user as much, if not more, than they restrict an attacker. [1]

When Android actually has pretty decent sandboxing [2] which I've never felt restricted me as a user, and can actually protect you from malware, unlike their recommendation which is just security theater without a sandbox when it comes to malware.

Unless you don't plan on ever installing any apps and personally audit every update yourself (since it's unlikely someone else will audit every single one thoroughly enough), malware and malicious third parties are a much greater threat than Google who is actually pretty transparent about what data they collect and handle it securely and responsibly.

[1] https://puri.sm/posts/snitching-on-phones-that-snitch-on-you...

[2] https://source.android.com/security/app-sandbox

> When Android actually has pretty decent sandboxing [2] which I've never felt restricted me as a user, and can actually protect you from malware, unlike their recommendation which is just security theater without a sandbox when it comes to malware.

Congrats on not hitting it, I guess? Android is absolutely painful if you try to do anything interesting, and it's becoming annoying even for trivial stuff - it was annoying but understandable when they started killing API surface for tasker and termux to use, it was annoying but understandable when they almost broke termux outright, but it moved beyond being understandable when they restricted file access so much that a third-party app can't move files between directories without the OS prompting you to allow the "delete".

> restricted file access so much that a third-party app can't move files between directories without the OS prompting you to allow the "delete"

What use case do you have where you have an app that you want to be able to move files but you don't trust it with the "delete" permission?

I do trust it. The OS, however, "helpfully" insists on "protecting" me and prompts every single time with no way to save the permission.
Which app and Android version is it? I've never had that issue where it prompts me every time without letting me save the permission, although if I recall requesting one time access is different than requesting permanent access for some permissions that an app has to declare, so maybe the app never declared the latter. (I admit, this is sort of silly)
This is https://f-droid.org/en/packages/com.simplemobiletools.galler... on Android 11 (LineageOS 18.1).

And yes, it may be a localized bug, but it's a localized bug that wouldn't occur on a nice normal GNU/Linux desktop without all of this, bringing us back to me agreeing with

>> One of the problems with the security measures implemented in Android and iOS is that they restrict the user as much, if not more, than they restrict an attacker.

In order to argue that, you have to list your goals, what you want to do with your phone, and the goals of an attacker. On Android, other than a few minor inconveniences, I can still achieve everything I want to with my phone, where an attacker will have a difficult time achieving their goal, of presumably stealing some data from another app.

This is compared to PureOS where you may have free reign, but so would an attacker if you install their app on your device. If you used QubesOS I'd argue that restricts the user a similar amount as Android does, not to mention missing out on a number of mobile friendly apps.

That's fair! It's quite likely that at least some of the issue is precisely that I view Android devices as just another form of general-purpose computer, and I expect to be able to run them like any other computer; if I want to download a picture from a browser, recompress and convert it to another format, and then move it to a syncthing folder and sync it off to another machine, I expect the system to make that happen, without getting in my way at every single step. But really, the file moving issue surprised me precisely because I kind of understand that lots of people expect their phone to be terribly limited, but this was a step beyond what made sense even for that usecase.
Given my previous, ongoing experience with receiving a product from Librem, will this also take years to be shipped after taking payment?
Since a few months, they have laptops in stock, so shipping occurs within 10 days.
Still waiting on a Librem 5 from 2019, while the Puri.sm site claims it takes 52 weeks to deliver new orders. Draw your own conclusions.
Did you hear about the global supply chain problems? Even Apple suffers from that: https://www.theguardian.com/technology/2021/oct/28/apple-ear....

(I am waiting for my Librem 5 too by the way!)

Edit: Their estimate for the new orders comes from the information from the CPU suppliers, which say the same thing. Every time they can get the CPUs, they ship another bunch of phones. See also: https://forums.puri.sm/t/estimate-your-librem-5-shipping/112....

Purism's shipping claims and estimates have been way way off even before there were any supply chain issues. At one point they even lied to be shipping devices, with pictures from the devices "in the wild", when it later turned out to be prototypes given to some employees.
(comment deleted)
To be fair, I put down the money knowing that I might lose it and not receive anything. I ordered mine at the start of 2019, I do not have my hopes up.
It looks like Lenovo Thinkpad T Series. Solid Linux Machines.
I'm a bit puzzled by the 'ethical' in the title. It only appears in the title, there's no explanation of what makes this laptop ethical and by which measures.

The Librem is probably the most available laptop with recent-gen hardware that is the most Free (i.e controllable down to the firmware through Free Software components, and sometimes puts proprietary components behind libre daughter cards). That's a laudable and an impressive achievement all by itself.

But when we say ethical, for me that would mean many other things too. Being very repairable and ideally modular so that the user can maintain the device for a long time. Selecting materials that ensure the device is very recyclable and sourcing those materials and the labour needed to assemble them from places that mine them in environmentally conscious ways, that don't employ child labour and pay workers fairly. Purism might be doing some or even all of that, but that information doesn't appear to be available from Purism itself and doesn't look like it's something TuxPhones intends to dig into.

Based on the next installments they do at least intend to look at the repairability of the device. Purism itself states:

> By removing just a few screws, you can easily replace the battery, wifi module, RAM, or the M.2 ssd.

> there's no explanation of what makes this laptop ethical and by which measures.

They probably mean this: https://www.fsf.org/news/fsf-adds-pureos-to-list-of-endorsed....

See also: https://news.ycombinator.com/item?id=25504641.

It's repairable and upgradable, too: https://puri.sm/posts/beyond-right-to-repair/.

> They probably mean this: https://www.fsf.org/news/fsf-adds-pureos-to-list-of-endorsed....

Possibly, yes. But if that's the case then I'd argue the author didn't understand the announcement. It covers PureOS the Debian-derivative published by Purism, not Purism's line of hardware. Purism does some stuff with hardware that the FSF considers "unethical", like the daughter card setup for components where they can't control the firmware.

The FSF explicitly states on that page:

> It is not a certification of any particular hardware shipping with PureOS.

No Purism hardware is "Respects Your Freedom" certified.

> It covers PureOS the Debian-derivative published by Purism, not Purism's line of hardware.

No, it's not just software. You can only run an FSF-endorsed distro, if you have no proprietary blobs in the OS. You can do this on Librem 14, because it uses Atheros (replaceable) WiFi module working with free software and firmware.

> No Purism hardware is "Respects Your Freedom" certified.

This is true, but they are trying to get this certification for their Librem Key and Librem 5.

It is just software. The only thing PureOS does it not ship with the firmware necessary to make those proprietary hardware components work out of the box. It's essentially Debian but without the non-free repo. Nothing stops you from making PureOS work on hardware with proprietary firmware if you want to. It isn't locked to only work on libre hardware, it's just a bit more tedious.
> They probably mean this: https://www.fsf.org/news/fsf-adds-pureos-to-list-of-endorsed....

There are already many FSF-approved Linux distributions which you can install on most laptops, many of which existed before PureOS.

> which you can install on most laptops

But your WiFi card will not work on those laptops, except for Lenovo ones from 2008 and earlier.

>there's no explanation of what makes this laptop ethical and by which measures.

Well, they didn't say "no animals were harmed in the making of this laptop" so I'm going to assume that's not what they meant & therefore probably slaughtered countless puppies in the process.

I do value the Purism goal of eradicating all the blobs from the hardware, but reading this I don't feel any envy compared to my Framework which is almost a year old already.

I don't have fixed standard ports, but I do have 4 full thunderbolt 4 ports, supporting power/charging on all, and displayport on all, and the modules convert those into whatever combination of dongle-less ports I want. Even though I would like a dongleless ethernet and there is no module for that yet, I still feel like I have way better io than this because what I do have is configurable and way more powerful.

Framework's special aim is more about hardware freedom and reusability/repairability, but software freedom is a very close second and they are not exactly slouching on that job.

Of course the machine is fully supported under linux for all hardware, and beyond that, they have fwupd support in beta, and most impressively they open sourced the bios a few months ago.

Between the open source bios and the ability to install whatever wifi card and storage you want, and the ability to disable the management engine in the cpu yourself by a hack essentially, you get pretty close to eradicating all the blobs.

And it's cheaper, even more repairable, and has better io (in a sense).

It has hardware camera & mic kills but not hardware rf kill. The screen is 3:2.

I routinely run 2 portable external thunderbolt/dp displays. Single usbc/tb3 cable to each display, power and data.

I'm not a gamer but other people have used external gpus on it so the ports support that.

I also routinely use a tb3 dock on my desktop for gigabit and two monitors and power on a single cable.

The plugin modules also means that the usbc ports are also all essentially prophylactic. If you break a usbc port, all you really broke is a $9 passthrough module which you can replace in 2 seconds like swapping a thumb drive. You can even keep using the real usbc port while the replacement module ships, if you didn't already have a spare.

64g removable ddr4, 2t removable nvme, 11th gen i9. I don't suffer for power.

Battery life could be better. After tuning I get 6 or 7 hours. Not really up to par for today, although my machine is maxxed out in cpu, disk, and ram which is on me. There is a known issue that some of the plugin usbc modules draw power at all times even when not in use and even when the machine is powered off. So, I happen to use a thunderbolt dock on my desk, and my portable monitors are usbc, so I don't happen to ever actually use the hdmi or dp modules I got, so I don't happen to suffer that power drain because the usbc modules have no electronics.

I'd be interested in hearing more about the touchpad and keyboard. The Framework keyboard feels fine and is backlit, but I don't love the layout. And I really don't like the apple-style huge glass touchpad with no buttons. At least the pad is clickable so I can at least still disable taps. And at least it does work well when I must use it. Mostly I use an mx keys keyboard and mx anywhere 3 mouse.

I really like the keyboard and touchpad on my x1 carbon 5th gen (2017/2018).

I just got a framework last week, and I was quite disappointed with the supposed “Linux support”. It’s absolutely not “out of the box support” as they claim on their marketing material. I had to do a number of tweaks to get into a usable state using Fedora 35, their recommended Linux distro.

I love the company’s mission, so I’ll cut them some slack on v1 but it feels dishonest. They should really iron out all their problems with BIOS, audio jack, suspend/hibernation, grub before selling the idea that fedora 35 is fully functional. Just be honest!

EDIT: I’m looking for a reasonable dock/KVM switch lmk if you have any recommendations!

> I had to do a number of tweaks to get into a usable state using Fedora 35

might be worth the effort of testing other distros (i hear arch has the bleeding edge)

I'm using xubuntu and the mainline kernel and the only thing I'd have to do special at all would be to make the fingerprint reader work. Everything else has just worked.

The suspend thing I think has to do with the bios not linux. It's a bug but not a linux support bug, I think.

I'm currently using a fairly old HP tb3 dock that was really only intended for use with a few laptops of theirs. I like it for it's form factor, and it does function, but there are a couple annoyances that have me looking for an update.

The tb3 cord is removable but so special that it might as well be hardwired. The dock end has a big plug with both a usbc and barrel connectors in one big chonk. The usbc part is normal so you could replace that cable with another, but you'd lose power delivery.

The video outs seem to be a bit marginal. They work but they seem to be easily disturbed, like they are right on the edge of not working. The screens lose sync and reconnect once in a while. Once in a while is not multiple times per day, but probably at least a once or twice most weeks, but also some multiple weeks with no glitch. My magnetic usbc adapter surely contributes.

Somewhere between half the time and all the time, the external monitors do not wake when the laptop wakes from sleep, and by sleep I mean just the first level like just blanking the screens. I don't have any swap or hibernate configured. But all I have to do to restore both screens is just rock the magnetic usbc connector 90 degrees to break the connection, wait 2 seconds or so, and let it snap back, and both monitors come back on and the xubuntu xrandr tool automatically restores the profile that uses them positioned the way I had them.

If I'm lucky, maybe even most of my ssh sessions survive the temporary loss of ethernet. oh-well-emoji haha

I got the same model of dock for my gf and she has a lg gram and only one external minitor, and she's running windows, and her monitor loses connection all by itself even when not idle/blanked, sometimes multiple times in a day, sometimes a couple weeks with no problem.

I have gone through a few different attempts at getting new higher quality cables and shorter runs etc.

So I think the display flakiness is in the docks and not in the laptops or the OS's or the monitors.

But it is suuuuch a sweet little unit, and it does work so 99% well. Everything else are these big ugly boxes that are big enough that they might as well just be mini pc's and skip the laptop. Or they are nice looking small but junk guts.

HP Elite ZBook TB3 dock 1DT93AA#ABA

>Intel Core i7-10710U Comet Lake processor (RRP $443), which was, apparently, the most powerful laptop-oriented Intels at the time.

No, that would be the i7-10870H, which has a higher base & max frequency, and on high performance settings will support sustained workloads much better before throttling down. Intel's "U" chips are one of the the low power flavors. Not horrible for very short burst but pretty bad for sustained loads.

I'm using the equivalent H from Gen 9. Work initially "upgraded" me from a 8+ year old xeon to a Gen 9 i7 "U" processor, and it was like stepping into molasses so I insisted on the H. Battery life is significantly worse but I can actually get work done on it, and switch to low power mode if I need to stretch things. (Even then it doesn't last as long as a U, but it's a good compromise for me)

Those U-series chips are a bit of a nerd novelty in my book. I've had some kicks and giggles getting my 6600u to run at absurdly low clock speeds (~400mhz) to see how far I could stretch the battery and how usable it was. Pretty much anything under 800mhz is unusable for desktop purposes, but it was a lot of fun playing around with that level of power tuning. Those clocks are much lower than the reported TDP-down stats, so I'm assuming it's only possible to reach those speeds courtesy of the funky sleep states Intel used to put in their Ultrabook CPUs. I don't think you can do similar tricks on new machines.

Definitely not the sort of chip you'd want to do anything besides text editing and video streaming on though.

And gen8+ U's are much better than previous dual-core chips, which were basically all i3's.
The Star Labs Starbook MK V has coreboot and intel ME turned off and is one generation newer CPU (11th gen).
Seems like all of these not-Dell linux laptops have awful speakers, how are they in this?
Also not good, will confirm when it arrives.
> Thanks to Pureboot, the Intel Management Engine (ME) on the processor is disabled: this controversial microcode component, supposed to optimize x86 machine code inside the CPU

The author has confused two things here, which are not related. The ME is not microcode, it is a special processor inside the PCH, and is supposed to provide remote management services. Whereas the Intel microcode is a totally different thing - it is an updatable part of the main CPU itself and is used for fixing performance issues, errata, or security issues like Spectre.

Are they not both types of microcode?

Just one referred to as Intel Microcode™ which is what they want you to think of as microcode, and the other _also_ being code that executes within the chip outside the user's view, which Intel doesn't refer to as Intel Microcode™ but which still meets the dictionary definition thereof?

I opened mine and found the headset jack firmware had not been written yet. Does the headphone jack work yet?
Author here. Works for me (Ubuntu 22.04), although I hear a high-pitched interference when using low-impedance IEMs.